Recently I was implementing a HttpMoudle. and stuck with the error which is said System.NullReferenceException: Object reference not set to an instance of an object.
Here is my code .
public class MyHttpModuler : IHttpModule
{
private static IAuthProvider authProvider=null;
#region IHttpModule members
/// <summary>
/// Disposes of the resources (other than memory) used by the module that implements <see cref="T:System.Web.IHttpModule"/>.
/// </summary>
public void Dispose()
{
authProvider.Dispose();
authProvider = null;
}
public void Init(HttpApplication application)
{
authProvider = new BasicAuthProvider("achievo");
application.BeginRequest += new EventHandler(Application_BeginRequest);
}
private void Application_BeginRequest(object sender, EventArgs e)
{
HttpApplication app = (HttpApplication)sender;
HttpRequest request = app.Request;
HttpResponse response = app.Response;
TryAuthenticate(app);
}
#endregion
#region private method
/// <summary>
/// Tries to authenticate the user
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
private bool TryAuthenticate(HttpApplication context)
{
string authHeader = context.Request.Headers["Authorization"];
if (!string.IsNullOrEmpty(authHeader))
{
if (authHeader.StartsWith("basic ", StringComparison.InvariantCultureIgnoreCase))
{
string userNameAndPassword = Encoding.Default.GetString(
Convert.FromBase64String(authHeader.Substring(6)));
string[] parts = userNameAndPassword.Split(':');
if (authProvider.IsValidUser(parts[0], parts[1]))
{
//the authProvider object sometimes is null .Why?
return true;
}
}
}
return false;
}
#endregion
}
public class BasicAuthProvider : IAuthProvider
{
#region IAuthProvider Members
public string DomainName { get; set; }
public BasicAuthProvider(string sDmName)
{
DomainName = sDmName;
}
public bool IsValidUser(string userName, string password)
{
string sFullName = "LDAP://" + DomainName + ".com";
bool bLogin = ADHelper.IsAuthenticated(sFullName, DomainName + @"\" + userName, password);
return bLogin;
}
public bool IsRequestAllowed(HttpRequest request,string sName)
{
return sName == "joe.wang";
}
public void Dispose()
{
}
#endregion
}
Especially when multiple user get into the Website. the exception of NullReferenceException happened. and when I debug, I found sometimes Init method may not be called. Maybe that is the why the exception happened . Anybody could help me to check it ?Thanks
The problem is (as Aristos pointed out) that you have made the authProvider static.
That means that when several users are generating requests at the same time, there will be several instances of you HttpModule running simultaneously. But they will all share one authProvider.
So it's possible that User A starts a request, causing a new instance of you module to run it's Init method. Then the thread handling that request is put on hold and another request from User B starts, causing another a new intance of the module to run it's Init method. This will overwrite the instance in authProvider that was put there in User A's request . Then that thread is put on hold and the previous thread from User A is resumed and finishes processing the request, thereby Disposing the authProvider (set by User B's request) and setting it to null. After that the request from User B once again resumes and finds that authProvider is now null.
Based on the code you have provided, it seems like the simplest possible solution is to simply remove the static keyword from the line:
private static IAuthProvider authProvider=null;
Then each instance of the HttpModule will have it's own copy of the authProvider and one request will not affect the state of another.
you have set as static your main object authProvider, so you need to make synchronize when you make it and delete it.
private static IAuthProvider authProvider=null;
So you need to write it as:
public class MyHttpModuler : IHttpModule
{
//can not be shared with others request.
//private IAuthProvider authProvider = null;
//We do not need it now.
//private static readonly object _lockObj = new object();
#region IHttpModule members
/// <summary>
/// Disposes of the resources (other than memory) used by the module that implements <see cref="T:System.Web.IHttpModule"/>.
/// </summary>
public void Dispose()
{
//authProvider.Dispose();
//authProvider = null;
}
public void Init(HttpApplication application)
{
application.BeginRequest += new EventHandler(Application_BeginRequest);
}
private void Application_BeginRequest(object sender, EventArgs e)
{
HttpApplication app = (HttpApplication)sender;
HttpRequest request = app.Request;
HttpResponse response = app.Response;
TryAuthenticate(app);
}
#endregion
#region private method
/// <summary>
/// Tries to authenticate the user
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
private bool TryAuthenticate(HttpApplication context)
{
IAuthProvider authProvider = new BasicAuthProvider("achievo");
string authHeader = context.Request.Headers["Authorization"];
if (!string.IsNullOrEmpty(authHeader))
{
if (authHeader.StartsWith("basic ", StringComparison.InvariantCultureIgnoreCase))
{
string userNameAndPassword = Encoding.Default.GetString(
Convert.FromBase64String(authHeader.Substring(6)));
string[] parts = userNameAndPassword.Split(':');
if (authProvider.IsValidUser(parts[0], parts[1]))
{
//the authProvider object sometimes is null .Why?
authProvider=null;
return true;
}
}
}
authProvider=null;
return false;
}
#endregion
}
来源:https://stackoverflow.com/questions/12069472/httpmodule-init-method-were-not-called